April 15, 2017: Hackers released documents and files Friday that cybersecurity experts said indicated the U.S. National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks.

The release included computer code that could be adapted by criminals to break into SWIFT servers and monitor messaging activity, said Shane Shook, a cyber security consultant who has helped banks investigate breaches of their SWIFT systems.

The documents and files were released by a group calling themselves The Shadow Brokers. Some of the records bear NSA seals, but Reuters could not confirm their authenticity.

Also published were many programs for attacking various versions of the Windows operating system, at least some of which still work, researchers said.

In a statement to Reuters, Microsoft, maker of Windows, said it had not been warned by any part of the U.S. government that such files existed or had been stolen.

“Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers,” the company said.

The absence of warning is significant because the NSA knew for months about the Shadow Brokers breach, officials previously told Reuters. Under a White House process established by former President Barack Obama’s staff, companies were usually warned about dangerous flaws.

Bangladesh heist

Shook said criminal hackers could use the information released Friday to hack into banks and steal money in operations mimicking a heist last year of $81 million from the Bangladesh central bank.

“The release of these capabilities could enable fraud like we saw at Bangladesh Bank,” Shook said.

The SWIFT messaging system is used by banks to transfer trillions of dollars each day. Belgium-based SWIFT downplayed the risk of attacks employing the code released by hackers Friday.

SWIFT said it regularly releases security updates and instructs client banks on how to handle known threats.

“We mandate that all customers apply the security updates within specified times,” SWIFT said in a statement.

SWIFT said it had no evidence that the main SWIFT network had ever been accessed without authorization.

It was possible that the local messaging systems of some SWIFT client banks had been breached, SWIFT said in a statement, which did not specifically mention the NSA.

When cyberthieves robbed the Bangladesh Bank last year, they compromised that bank’s local SWIFT network to order money transfers from its account at the New York Federal Reserve.

The documents released by the Shadow Brokers on Friday indicate that the NSA may have accessed the SWIFT network through service bureaus. SWIFT service bureaus are companies that provide an access point to the SWIFT system for the network’s smaller clients and may send or receive messages regarding money transfers on their behalf.

“If you hack the service bureau, it means that you also have access to all of their clients, all of the banks,” said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.

The documents posted by the Shadow Brokers include Excel files listing computers on a service bureau network, user names, passwords and other data, Suiche said.

“That’s information you can only get if you compromise the system,” he said.

Cris Thomas, a prominent security researcher with the cybersecurity firm Tenable, said the documents and files released by the Shadow Brokers show “the NSA has been able to compromise SWIFT banking systems, presumably as a way to monitor, if not disrupt, financial transactions to terrorists groups.”

Thwarting terrorists

Since the early 1990s, interrupting the flow of money from Saudi Arabia, the United Arab Emirates and elsewhere to al-Qaida, the Taliban, and other militant Islamic groups in Afghanistan, Pakistan and other countries has been a major objective of U.S. and allied intelligence agencies.

Mustafa Al-Bassam, a computer science researcher at University College London, said on Twitter that the Shadow Brokers documents show that the “NSA hacked a bunch of banks, oil and investment companies in Palestine, UAE, Kuwait, Qatar, Yemen, more.”

He added that NSA “completely hacked” EastNets, one of two SWIFT service bureaus named in the documents that were released by the Shadow Brokers.

Reuters could not independently confirm that EastNets had been hacked. And EastNets, based in Dubai, denied it had been hacked in a statement, calling the assertion “totally false and unfounded.”

EastNets ran a “complete check of its servers and found no hacker compromise or any vulnerabilities,” according to a statement from EastNets’ chief executive and founder, Hazem Mulhim.

In 2013, documents released by former NSA contractor Edward Snowden said the NSA had been able to monitor SWIFT messages.

The agency monitored the system to spot payments intended to finance crimes, according to the documents released by Snowden.

Reuters could not confirm whether the documents released Friday by the Shadow Brokers, if authentic, were related to NSA monitoring of SWIFT transfers since 2013.

Some of the documents released by the Shadow Brokers were dated 2013, but others were not dated. The documents released by the hackers did not clearly indicate whether the NSA had actually used all the techniques cited for monitoring SWIFT messages.
-VOA

Facebook has over 217 million monthly active users in India and 212 million of them are active on smartphones. Pixabay

Electronics and Information Technology Minister Ravi Shankar Prasad on Friday said he will “get the entire facts” about social networking site Facebook reportedly demanding new users’ Aadhaar and revert to Parliament.

“I have also seen the news (about Facebook) in media. They have also given a reply that it was not mandatory. But I will get the entire facts on record before I revert to you,” Prasad told the Rajya Sabha in response to a supplementary question on cybersecurity and data protection.

The Minister also said that the government is going to bring very soon a data protection law.

It was reported a few days back that new users trying to sign up for Facebook were asked to enter their name “as per Aadhaar” records.

However, Facebook has already clarified that it was “not collecting” the Aadhaar data and was just running a “small test” to weed out fake accounts.

“There have been a number of reports about a small test we ran in India to help new users sign up for Facebook. Some have interpreted this test as a request for people’s Aadhaar information when you sign up for a Facebook account. This is not correct,” Facebook said in a blog post on Wednesday.

The government will be soon be introducing Data Protection law. Source: Aadhar Card Kendra

“The test, which has now finished, merely includes additional language on the account sign-up page to explain that using their Aadhaar name will help family and friends recognise them.

“We are not collecting Aadhaar data and do not require people to enter their Aadhaar name when they sign up to Facebook,” it added.

Earlier, Prasad said that the government has no plans to make internet availability a fundamental right but the government is “committed to providing internet connectivity to its citizens”.

“As per a report from TRAI, as on June 2017, India has over 431.21 million internet users and with several million new internet users joining every month.

“This has resulted in more and more Indians coming online and using the internet, giving them the freedom to experience and use the internet in every aspect of their lives,” Prasad said in the reply.